You could do that, but the second recipient of the code would lose the original destination address and port information. This would be more like the REDIRECT target in iptables. On Wed, 2011-12-07 at 16:25 -0800, msk@xxxxxxxxxxxxx wrote: > I've been reading up on tproxy and nfqueue. Just to confirm my understanding > of the two: > > Could one write a layer of code that uses the nfq_*() functions to basically > implement what tproxy can do by simply adjusting the destination information > and checksum, and then returning NF_REPEAT verdicts for each? > > Thanks, > -MSK > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
